This will work in 99% of the cases, but there may be some situations when it’s not quite enough. The above command enables Screen Sharing by enabling Remote Management; however, we lose the ability to add fine-grained control to who can connect & those who can’t.

In the second example, we enable only Screen Sharing, not Remote Management. This allows us to use System Preferences to restrict who can screen share to our machine (e.g. local administrators, network administrators). We use the second example when configuring our authentication servers remotely.

Alessandro, nice script. And yes, you’re right: the agent needs to be loaded. Although in my second example I load the agent explicitly using launchctl, in the first example it isn’t necessary—kickstart loads it on my behalf.

a question to the experts, who helped me to find out one strange behavior:

Remote Management:

Admin uses ARD to get the screen, logs in via the OS X login-screen and works.
Ordinary User uses the screen-sharing.app, logs in via HIS user and password and ist confronted with the question wether to open his own space or to take over Admins Screen! Admin will NOT be asked to confirm, that User is allowed to do so!

Screen Sharing:

Admin uses ARD to get the screen, logs in via the OS X login-screen and works.
Ordinary User uses the screen-sharing.app, logs in via HIS user and password and ist confronted with the question wether to open his own space or to take over Admins Screen AFTER BEEING GRANTED PERMISSION! Admin WILL be asked to confirm, that User is allowed to do so! THIS is (in my opinion) the correct behavior!

Now the question: Is there any way to configure Mac OS X (Mavericks Server) to have the described Screen-Sharing behavior WHILE using and having configured Remote Management?

When you say, “How do I reset this?”, do you mean, “How do I disable screensharing from the command line?”

October 27, 2013 at 10:19 am

Ramon Felciano says:

Thanks for posting this Brian. I found it while trying to debug a problem where screensharing has stopped working on my Mac Mini. After executing the above commands, is there a way to confirm that the screen sharing setup is now active?

Brian, you’re awesome! That first command is exactly the command I needed today to get into a headless mac mini while outside the office! Thanks ^_^

January 16, 2014 at 7:06 pm

Brian Cunnie says:

@Ramon: it’s launchd, not screensharingd, that’s listening on the port.

@Hiraldo: Glad it’s helpful.

@James: We miss you here at Pivotal Labs.

April 4, 2014 at 3:01 pm

Chris says:

Brian, first of all, thanks. This works great. But how do I get this to run as a cron event? Any ideas? I’ve setup my timing and included the command you have provided. I’m looking to restart remote login every so often in the event is gets turned off. Thanks in advance.

May 12, 2014 at 3:48 pm

Chris says:

Nevermind. I got it to work. Thanks anyway for your post. It helped me to get on the right track. Good day.

Another question to the experts: Is it possible to force VNC to start with the login screen? The reason is that I want to open a VNC session to my own machine to a test user. Currently it looks like the login screen is only shown on coincidence. And without it will simply show a recursive picture (nice but not useful).

November 4, 2014 at 10:07 am

Brian Cunnie says:

Hi Thomas,

I don’t know if OS X has a way to accomplish what you’re asking (screensharing to yourself but with a different login screen).

If you ever find a way, let me know—I’m curious.

Interestingly, Linux/UNIX has a way to do it because it can run multiple Xservers (i.e. displays)

—Brian

November 17, 2014 at 11:27 am

Karl says:

Hi Guys,

I think this site is where i need to be, but i need to be spoon fed on what is going on here.
Background:
I have a mac mini server 2012 running i believe to be Lion Server. It’s fully up and running, but has since been moved (countries) and connected to my home network, directly to the ISP router.

Here lies the problem:
When i connect my MacBookAir 2014 running Yosemite, and MacBookPro 2011 running Mavericks, i see the server in the shared part of the finder. So far so good. Both MacBooks back up to the server using Time Machine, and when i select the server in the shared finder window i get access to the server folders.
However when i attempt to screen share, from either MacBook it doesn’t like it. When i attempt to connect from ‘Connect to server’ in the finder menu it attempts to but then fails. (once i spent hours trying to determine the miniserver ip address)

Will the terminal command above allow me to access the screen sharing function to enable it (i’m not sure if i accidentally disabled it, along with remote management either)..then allow me to connect to the miniserver via screen sharing (i previously could do this on a different home network with another MacBookAir and my 2011 MacBookPro). Or is there a more fundamental problem of incompatible OS, new network config?

Or do i just need to plug the miniserver into my TV with a keyboard and mouse attached and then access the admin controls this way?

I’ve no experience at all with command lines or terminal, and am scared to ‘death’ to use the ‘sudo’ command unless i know for sure it’s not going to kill anything, that i need. Do these command lines access the miniserver or the local machine?

Please help. Again, super, step by step guidance is really necessary and more than welcome…thanks in advance…

Karl

November 12, 2014 at 11:03 am

Brian Cunnie says:

Hi Karl,

Your situation sounds complicated, and doesn’t lend itself to a step-by-step solution. I’d call in the help of a good systems administrator if I were you.

—Brian

November 17, 2014 at 11:24 am

Karl says:

Hi Brian,

Thanks.

I actually solved it…I had the luxury of being able to move it so plugged it into my tv via HDMI cable. Of course i needed to find a USB mouse and keyboard initially. However once that was established and logged into the admin account, i realised, that i’d disabled the screen sharing, even though remote management was still enabled (still no clue how to use that), hence the reason why no screen sharing was available. However once established, i used my MBA to connect via screen sharing, and i could even control the server via screen sharing from my MBA using the MBA keyboard and track pad and showing on the tv.

I reconnected to my ISP router, and bob’s your uncle, access and screen sharing working just fine.

I just thought i’d share, as i’m sure others have done the same thing by turning off screen sharing.

I'm a systems administrator at Pivotal Labs. I've worked at a slew of startups and with a slew of UNIXes (OS X, Linux, FreeBSD, OpenBSD, HP-UX, AIX, Solaris/SunOS UTS, Xenix, Ultrix, and even the original UNIX). In my spare time I play rugby.